[Secure-testing-commits] r13694 - bin lib/python
Michael Gilbert
gilbert-guest at alioth.debian.org
Sat Jan 2 01:37:51 UTC 2010
Author: gilbert-guest
Date: 2010-01-02 01:37:50 +0000 (Sat, 02 Jan 2010)
New Revision: 13694
Modified:
bin/tracker_service.py
lib/python/bugs.py
lib/python/security_db.py
Log:
adding support for <undetermined> in the tracker service. feedback and comments are very welcome.
Modified: bin/tracker_service.py
===================================================================
--- bin/tracker_service.py 2010-01-01 02:30:46 UTC (rev 13693)
+++ bin/tracker_service.py 2010-01-02 01:37:50 UTC (rev 13694)
@@ -83,6 +83,7 @@
padding-right : 0.25em; }
td { vertical-align: baseline }
span.red { color: red; }
+span.purple { color: purple; }
span.dangerous { color: rgb(191,127,0); }
"""), SCRIPT('''var old_query_value = "";
@@ -327,7 +328,9 @@
if not bug.not_for_us:
for (release, status, reason) in bug.getStatus(cursor):
- if status <> 'fixed':
+ if status == 'undetermined':
+ reason = self.make_purple(reason)
+ elif status <> 'fixed':
reason = self.make_red(reason)
yield B('Debian/%s' % release), reason
@@ -347,9 +350,12 @@
package = compose(
self.make_source_package_ref(url, package),
" (", self.make_pts_ref(url, package, 'PTS'), ")")
- if vulnerable:
+ if vulnerable == 1:
vuln = self.make_red('vulnerable')
version = self.make_red(version)
+ elif vulnerable == 2:
+ vuln = self.make_purple('undetermined')
+ version = self.make_purple(version)
else:
vuln = 'fixed'
@@ -370,9 +376,12 @@
old_pkg = pkg
packages = self.make_binary_packages_ref(url, packages)
- if vulnerable:
+ if vulnerable == 1:
vuln = self.make_red('vulnerable')
version = self.make_red(version)
+ elif vulnerable == 2:
+ vuln = self.make_purple('undetermined')
+ version = self.make_purple(version)
else:
vuln = 'fixed'
yield (packages,
@@ -644,6 +653,8 @@
urgency = ''
elif urgency == 'high':
urgency = self.make_red(urgency)
+ elif urgency == 'undetermined':
+ urgency = self.make_purple(urgency)
else:
if no_dsa:
urgency = urgency + '*'
@@ -760,6 +771,8 @@
urgency = ''
elif urgency == 'high':
urgency = self.make_red(urgency)
+ elif urgency == 'undetermined':
+ urgency = self.make_purple(urgency)
yield pkg_name, self.make_xref(url, bug_name), urgency, remote
return self.create_page(
@@ -1228,6 +1241,9 @@
def make_red(self, contents):
return SPAN(contents, _class="red")
+
+ def make_purple(self, contents):
+ return SPAN(contents, _class="purple")
def make_dangerous(self, contents):
return SPAN(contents, _class="dangerous")
Modified: lib/python/bugs.py
===================================================================
--- lib/python/bugs.py 2010-01-01 02:30:46 UTC (rev 13693)
+++ lib/python/bugs.py 2010-01-02 01:37:50 UTC (rev 13694)
@@ -23,7 +23,7 @@
def listUrgencies():
urgencies = {}
- urgs = ("high", "medium", "low", "unimportant", "unknown")
+ urgs = ("high", "medium", "low", "unimportant", "unknown", "undetermined")
for u in range(len(urgs)):
urgencies[urgs[u]] = Urgency(urgs[u], -u)
Urgency.urgencies = urgencies
@@ -610,6 +610,12 @@
pkg_notes.append(PackageNoteParsed
(p, None, d, release=release))
self.removed_packages[p] = True
+ elif v == 'undetermined':
+ if not d:
+ d = 'undetermined'
+ pkg_notes.append(PackageNoteParsed
+ (p, 'undetermined', 'undetermined',
+ release=release))
else:
self.raiseSyntaxError(
"invalid special version %s in package entry"
Modified: lib/python/security_db.py
===================================================================
--- lib/python/security_db.py 2010-01-01 02:30:46 UTC (rev 13693)
+++ lib/python/security_db.py 2010-01-02 01:37:50 UTC (rev 13694)
@@ -276,7 +276,7 @@
(bug_name TEXT NOT NULL,
release TEXT NOT NULL,
status TEXT NOT NULL
- CHECK (status IN ('vulnerable', 'fixed', 'unknown',
+ CHECK (status IN ('vulnerable', 'fixed', 'unknown', 'undetermined',
'partially-fixed', 'todo')),
reason TEXT NOT NULL,
PRIMARY KEY (bug_name, release))""")
@@ -792,7 +792,7 @@
EXCEPT SELECT name FROM bugs"""):
if bug[0:3] == "VU#":
continue
- errors.append("reference to unknwown bug " + bug)
+ errors.append("reference to unknown bug " + bug)
if self.verbose:
print " copy notes"
@@ -1038,7 +1038,10 @@
cursor.execute(
"""INSERT INTO source_package_status
SELECT n.bug_name, p.rowid,
- n.fixed_version IS NULL OR p.version_id < n.fixed_version_id,
+ ( ( n.fixed_version IS NULL
+ OR p.version_id < n.fixed_version_id )
+ AND NOT ( n.fixed_version IS 'undetermined' ) )
+ + 2*( n.fixed_version IS 'undetermined' ),
n.urgency
FROM package_notes AS n, source_packages AS p
WHERE n.release = '' AND p.name = n.package""")
@@ -1051,7 +1054,10 @@
cursor.execute(
"""INSERT OR REPLACE INTO source_package_status
SELECT n.bug_name, p.rowid,
- n.fixed_version IS NULL OR p.version_id < n.fixed_version_id,
+ ( ( n.fixed_version IS NULL
+ OR p.version_id < n.fixed_version_id )
+ AND NOT ( n.fixed_version IS 'undetermined' ) )
+ + 2*( n.fixed_version IS 'undetermined' ),
n.urgency
FROM package_notes AS n, source_packages AS p
WHERE p.name = n.package
@@ -1062,8 +1068,10 @@
cursor.execute(
"""INSERT INTO binary_package_status
SELECT n.bug_name, p.rowid,
- n.fixed_version IS NULL
- OR p.source_version_id < n.fixed_version_id,
+ ( ( n.fixed_version IS NULL
+ OR p.source_version_id < n.fixed_version_id )
+ AND NOT ( n.fixed_version IS 'undetermined' ) )
+ + 2*( n.fixed_version IS 'undetermined' ),
n.urgency
FROM package_notes AS n, binary_packages AS p
WHERE n.release = '' AND p.source = n.package""")
@@ -1071,8 +1079,10 @@
cursor.execute(
"""INSERT OR REPLACE INTO binary_package_status
SELECT n.bug_name, p.rowid,
- n.fixed_version IS NULL
- OR p.source_version_id < n.fixed_version_id,
+ ( ( n.fixed_version IS NULL
+ OR p.source_version_id < n.fixed_version_id )
+ AND NOT ( n.fixed_version IS 'undetermined' ) )
+ + 2*( n.fixed_version IS 'undetermined' ),
n.urgency
FROM package_notes AS n, binary_packages AS p
WHERE p.source = n.package AND p.release = n.release""")
@@ -1088,7 +1098,10 @@
cursor.execute(
"""INSERT INTO binary_package_status
SELECT n.bug_name, p.rowid,
- n.fixed_version IS NULL OR p.version_id < n.fixed_version_id,
+ ( ( n.fixed_version IS NULL
+ OR p.version_id < n.fixed_version_id )
+ AND NOT ( n.fixed_version IS 'undetermined' ) )
+ + 2*( n.fixed_version IS 'undetermined' ),
n.urgency
FROM package_notes AS n, binary_packages AS p
WHERE n.release = '' AND p.name = n.package
@@ -1099,7 +1112,10 @@
cursor.execute(
"""INSERT OR REPLACE INTO binary_package_status
SELECT n.bug_name, p.rowid,
- n.fixed_version IS NULL OR p.version_id < n.fixed_version_id,
+ ( ( n.fixed_version IS NULL
+ OR p.version_id < n.fixed_version_id )
+ AND NOT ( n.fixed_version IS 'undetermined' ) )
+ + 2*( n.fixed_version IS 'undetermined' ),
n.urgency
FROM package_notes AS n, binary_packages AS p
WHERE p.name = n.package AND p.release = n.release
@@ -1110,8 +1126,10 @@
cursor.execute(
"""INSERT INTO source_package_status
SELECT n.bug_name, s.rowid,
- MAX(n.fixed_version IS NULL
- OR b.version_id < n.fixed_version_id),
+ MAX( ( ( n.fixed_version IS NULL
+ OR b.version_id < n.fixed_version_id )
+ AND NOT ( n.fixed_version IS 'undetermined' ) )
+ + 2*( n.fixed_version IS 'undetermined' ) ),
MAX(n.urgency)
FROM package_notes AS n, binary_packages AS b,
source_packages AS s
@@ -1146,6 +1164,7 @@
"""Update bug_status with bug_name for unstable."""
vulnerable_packages = []
+ undetermined_packages = []
have_something = False
for (package, vulnerable) in cursor.execute(
"""SELECT DISTINCT sp.name, st.vulnerable
@@ -1158,19 +1177,30 @@
ORDER BY sp.name""",
(bug_name,)):
have_something = True
- if vulnerable:
+ if vulnerable == 1:
vulnerable_packages.append(package)
+ elif vulnerable == 2:
+ undetermined_packages.append(package)
- if vulnerable_packages:
- if len(vulnerable_packages) == 1:
- pkgs = "package %s is vulnerable" % vulnerable_packages[0]
- else:
- pkgs = ("packages %s are vulnerable"
- % ', '.join(vulnerable_packages))
+ if vulnerable_packages or undetermined_packages:
+ pkgs = ""
+ status = 'undetermined'
+ if vulnerable_packages:
+ status = 'vulnerable'
+ if len(vulnerable_packages) == 1:
+ pkgs += "package %s is vulnerable. " % vulnerable_packages[0]
+ else:
+ pkgs += ("packages %s are vulnerable. "
+ % ', '.join(vulnerable_packages))
+ if undetermined_packages:
+ if len(undetermined_packages) == 1:
+ pkgs += "package %s may be vulnerable but needs to be checked." % undetermined_packages[0]
+ else:
+ pkgs += ("packages %s may be vulnerable but need to be checked."
+ % ', '.join(undetermined_packages))
cursor.execute("""INSERT INTO bug_status
(bug_name, release, status, reason)
- VALUES (?, 'unstable', 'vulnerable', ?)""",
- (bug_name, pkgs))
+ VALUES (?, 'unstable', ?, ?)""", (bug_name, status, pkgs))
else:
if have_something:
status = "not vulnerable"
@@ -1205,16 +1235,21 @@
# Check if any packages in plain testing are vulnerable, and
# if all of those have been fixed in the security archive.
fixed_in_security = True
- pkgs = {}
+ unfixed_pkgs = {}
+ undet_pkgs = {}
for ((package, note), vulnerable) in status[''].items():
- if vulnerable:
- pkgs[package] = True
+ if vulnerable == 1:
+ unfixed_pkgs[package] = True
if status['security'].get((package, note), True):
fixed_in_security = False
+ elif vulnerable == 2:
+ undet_pkgs[package] = True
- pkgs = pkgs.keys()
- pkgs.sort()
- if len(pkgs) == 0:
+ unfixed_pkgs = unfixed_pkgs.keys()
+ unfixed_pkgs.sort()
+ undet_pkgs = undet_pkgs.keys()
+ undet_pkgs.sort()
+ if len(unfixed_pkgs) == 0 and len(undet_pkgs) == 0:
if len(status[''].keys()) == 0:
msg = "not known to be vulnerable"
else:
@@ -1225,19 +1260,27 @@
(bug_name, suite, msg))
return
- if len(pkgs) == 1:
- pkgs = "package " + pkgs[0] + " is "
- else:
- pkgs = "packages " + ", ".join(pkgs) + " are "
- if fixed_in_security:
- pkgs = "%sfixed in %s-security" % (pkgs, suite)
- if suite == 'stable':
- status = 'fixed'
+ pkgs = ""
+ if len(unfixed_pkgs) > 0:
+ if len(unfixed_pkgs) == 1:
+ pkgs += "package " + unfixed_pkgs[0] + " is "
else:
- status = "partially-fixed"
+ pkgs += "packages " + ", ".join(unfixed_pkgs) + " are "
+ if fixed_in_security:
+ pkgs = "%sfixed in %s-security. " % (pkgs, suite)
+ if suite == "stable":
+ status = "fixed"
+ else:
+ status = "partially-fixed"
+ else:
+ pkgs += "vulnerable. "
+ status = "vulnerable"
else:
- pkgs += "vulnerable"
- status = "vulnerable"
+ status = "undetermined"
+ if len(undet_pkgs) == 1:
+ pkgs += "package " + undet_pkgs[0] + " may be vulnerable but needs to be checked."
+ else:
+ pkgs += "package " + ", ".join(undet_pkgs) + " may be vulnerable but need to be checked."
cursor.execute("""INSERT INTO bug_status
(bug_name, release, status, reason)
@@ -1272,7 +1315,7 @@
c.execute("""DELETE FROM vulnlist WHERE name LIKE 'TEMP-0000000-%'""")
urgency_to_flag = {'low' : 'L', 'medium' : 'M', 'high' : 'H',
- 'unknown' : ' '}
+ 'unknown' : ' ' , 'undetermined' : ' '}
result = ["VERSION 0\n"]
for (name, package, fixed_version, kind, urgency, remote, description,
@@ -1406,7 +1449,7 @@
fill_bug_to_index()
urgency_to_flag = {'low' : 'L', 'medium' : 'M', 'high' : 'H',
- 'unknown' : ' '}
+ 'unknown' : ' ', 'undetermined' : ' '}
vuln_list = []
source_packages = {}
More information about the Secure-testing-commits
mailing list